Extracted

• • Target

    be87988d10070a2a95aa02f5cdab0aab.exe

  • Size

    1.5MB

  • MD5

    be87988d10070a2a95aa02f5cdab0aab

  • SHA1

    b62fe5009101940ed28cc1167b2baeb418938cc6

  • SHA256

    64f51e7b139ab5cf5829321a7ea0e7cc8aad04f1ec1d872345ee029e679dd2af

  • SHA512

    ecadcc7e03b973d79265ddbe7165ed205ef18494924645b5c995bfba45aebc1196790d8831d856142b00841128ad3e7bc63a52290b57d50db6d4fd0960298018

  • SSDEEP

    49152:UbA30vMJT4D/NPNOUY389Nv7Meox7eQeblMR:UbqTwRkUYIvloxCQulMR

  Score

  10^/10

  quasartrumpusdiscoveryspywaretrojan

  • Quasar RAT

    Quasar is an open source Remote Access Tool.

    trojanspywarequasar

  • Quasar payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2